Posts Tagged ‘oriented programming’

CVE-2012-1876: Recent update to the Cool Exploit Kit landing page

May

2013

A recently debuted exploit kit (EK), called “Cool EK,” and detected by us with the name Exploit:JS/Coolex, has been known to include various exploits targeting Oracle JRE, Adobe Reader, Adobe Flash Player to Windows kernel-mode drivers. If you’re unlucky enough to visit a webpage that hosts Cool EK, you might encounter all these exploits in […]

Category General Written by Microsoft Malware Protection Center 0 Comments

Emerging ‘Stack Pivoting’ Exploits Bypass Common Security

May

2013

[This blog was primarily written by Xiaoning Li of Intel Labs, with assistance from Peter Szor of McAfee Labs.]In February 2013, the Adobe Product Security Incident Response Team (PSIRT) released security advisory APSA13-02. In that report they listed two vulnerabilities (CVE-2013-0640 and CVE-2013-0641) that were widely exploited. At Intel Labs and McAfee Labs we ran […]

Category General Written by Blog Central > McAfee Labs 0 Comments

Analyzing the First ROP-Only, Sandbox-Escaping PDF Exploit

Feb

2013

The winter of 2013 seems to be “zero-day” season. Right after my colleague Haifei Li analyzed the powerful Flash zero day last week, Adobe sent a security alert for another zero-day attack targeting the latest (and earlier) versions of Adobe Reader. Unlike Internet Explorer zero-day exploits that we have seen in the past, this Reader […]

Category General Written by Blog Central > McAfee Labs 0 Comments

The Latest in IT Security

Posts Tagged ‘oriented programming’

CVE-2012-1876: Recent update to the Cool Exploit Kit landing page

Emerging ‘Stack Pivoting’ Exploits Bypass Common Security

Analyzing the First ROP-Only, Sandbox-Escaping PDF Exploit

Categories

Featured

Archives

Latest Comments

About Us

Contact Us